Table of Contents
Advertisement
ACL Commands
ip access-group in
ip access-group in
Cisco 220 Series Smart Plus Switches Command Line Interface Reference Guide Release 1.0.0.x
urg, -ack, -psh, -rst, -syn, and -fin. The flags are concatenated to one string,
such as +fin-ack.
Default Configuration
No IPv6-based ACE is defined.
Command Mode
IPv6 Access-List Configuration mode
User Guidelines
The number of TCP/UDP ranges that can be defined in ACLs is limited. You can
define up to #ASIC-specific ranges for TCP and up to #ASIC-specific ranges for
UDP.
If a range of ports is used for a source port in ACE, it is not counted again if it is
also used for a source port in another ACE.
If a range of ports is used for a destination port in ACE, it is not counted again if it is
also used for a destination port in another ACE.
If a range of ports is used for a source port, it is counted again if it is also used for a
destination port.
Example
switchxxxxxx(config)# ipv6 access-list server
switchxxxxxx(config-ipv6-acl)# deny tcp 3001::2/64 any any 80
To bind an IPv4-based ACL to an interface, use the ip access-group in Interface
Configuration mode command.
To remove all IPv4-based ACLs from an interface, use the no form of this
command.
Syntax
acl-name
ip access-group
no ip access-group in
in
4
73
Advertisement
Table of Contents
